Re: [clamav-users] My second server is under 100.2

2018-12-29 Thread Joel Esler (jesler)
You mean: https://blog.clamav.net/2018/12/libclamav-missing-headers-issue.html ? -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com > On Dec 29, 2018, at 4:19 PM, J.R

Re: [clamav-users] ClamAV Scan results

2019-01-04 Thread Joel Esler (jesler)
Likely not. I would bet that there are some poorly written yara sigs in your environment. Sent from my  iPhone > On Jan 4, 2019, at 07:28, Kaushal Shriyan wrote: > > Hi, > > I have the below details > > [root@ clamav]# clamscan --version > ClamAV 0.100.2/25267/Fri Jan 4 06:17:25 2019 >

[clamav-users] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-07 Thread Joel Esler (jesler)
> > https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html > > > ClamAV 0.101.1 Patch has been released > > ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0 > specifically fo

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-08 Thread Joel Esler (jesler)
Solaris is definitely not one of the OSs in our build farm. Just FYI. > On Jan 8, 2019, at 1:05 AM, Gary R. Schmidt wrote: > > On 08/01/2019 05:33, Joel Esler (jesler) wrote: >>> >>> https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html >>

Re: [clamav-users] False Positives - Heuristics.Phishing.Email.SpoofedDomain

2019-01-08 Thread Joel Esler (jesler)
Check out http://www.clamav.net/documents/miscellaneous-faq > On Jan 8, 2019, at 2:43 PM, Ken Campney wrote: > > Emails from credit card companies I deal with have since 12/10/18 been > getting flagged by Heuristics.Phishing.Email.SpoofedDo

[clamav-users] Qnap

2019-01-30 Thread Joel Esler (jesler)
I’ve suddenly started receiving a lot of emails from Qnap users saying they can’t update ClamAV anymore. Anyone have a Qnap system that is technically inclined that can help me troubleshoot? Sent from my iPhone ___ clamav-users mailing list clamav-use

[clamav-users] ClamAV® blog: Bugzilla Maintenance tomorrow Feb 12th

2019-02-11 Thread Joel Esler (jesler)
> https://blog.clamav.net/2019/02/bugzilla-maintenance-tomorrow-feb-12th.html > Notice to all ClamAV users, our bugzilla instance at bugzilla.clamav.net will be experiencing some downtime tomorrow at 9am EST, February

Re: [clamav-users] Do you see clamav's exact detection rate and error detection rate?

2019-02-15 Thread Joel Esler (jesler)
I think that Shadowserver’s statistics are drastically wrong and haven’t changed in about 5 years. That’s number one. Sent from my iPhone > On Feb 15, 2019, at 04:26, 조정환 wrote: > > Hello everyone ~ > > I looked around the other site bulletin board for .clamav, and I had a > question, so

[clamav-users] Testing

2019-02-20 Thread Joel Esler (jesler)
Testing! Sent from my  iPhone smime.p7s Description: S/MIME cryptographic signature ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https:/

Re: [clamav-users] Testing

2019-02-20 Thread Joel Esler (jesler)
May take time for DNS to get out. Sent from my iPhone > On Feb 20, 2019, at 17:20, Benny Pedersen wrote: > > Joel Esler (jesler) wrote on 2019-02-20 23:14: >> Testing! > > DKIM and DMARC still fails > > no news there :( >

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 6:06 AM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Wed, 9 Dec 2020, Micah Snyder (micasnyd) via clamav-users wrote: > >> This message: >> “*The daily.cvd database downloaded from https://database.clamav.net >> is one version older than advertised in th

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 9:07 AM, Andrew C Aitchison > wrote: > > On Thu, 10 Dec 2020, Joel Esler (jesler) via clamav-users wrote: > >>> >>> >> >> By “unable to resolve” Micah means: “There’s nothing more we can do >> to solve th

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 11:58 AM, Paul Kosinski via clamav-users > wrote: > > I would imagine that Cloudflare has a means of fetching a specific file > from any of their own mirror servers (via its unique, non-anycast, IP > address) to check its operation. If ClamAV DB files could be requested >

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 12:21 PM, G.W. Haywood via clamav-users > wrote: > > But the real fix must be in the hands of Cloudflare, or perhaps those > of Cloudflare's customers (making more fuss about something which, at > first sight, could very easily be remedied). While I agree, I am sure twea

Re: [clamav-users] local server takes time to update clamav db

2020-12-11 Thread Joel Esler (jesler) via clamav-users
sleep for awhile and then try again. If the >>> second attempt still fails then give the error to the user. >> >> I want to be clear -- the message that was originally reported is not an >> error message. It's a verbose (a.k.a debug-level) message. If you're >

Re: [clamav-users] local server takes time to update clamav db

2020-12-13 Thread Joel Esler (jesler) via clamav-users
Both of those things are done as well. Sent from my  iPhone > On Dec 13, 2020, at 19:24, Dave Warren via clamav-users > wrote: > > On 2020-12-11 08:51, Paul Kosinski via clamav-users wrote: >> "The whole CVD filename is not versioned (always "daily.cvd") which is >> why the CloudFlare cach

Re: [clamav-users] How can we consume .ldb files in ClamAV Ubuntu?

2020-12-14 Thread Joel Esler (jesler) via clamav-users
Also, we have shipped detection which detects the same things Fireeye was detecting and much more, also rewritten to be more efficient in the official ruleset. Sent from my  iPhone > On Dec 14, 2020, at 18:54, G.W. Haywood via clamav-users > wrote: > > Hi there, > >> On Mon, 14 Dec 2020,

Re: [clamav-users] ClamAV Fireeye Rules?

2020-12-17 Thread Joel Esler (jesler) via clamav-users
Again, same as I wrote on the Snort list, we rewrote all of this detection and it is in the official ClamAV database, so if you are using freshclam to update from clamav, you already have it. On Dec 17, 2020, at 3:44 PM, bobby via clamav-users <clamav-users@lists.clamav.net> wrote: I

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-21 Thread Joel Esler (jesler) via clamav-users
I pretty much disagree with this. 90% or greater of what is sent into clamav.net is covered in less than 24 hours, and to a much greater degree. We don’t aim to cover just the sample you sent in, we cover all the variants of that sample at the time, if possible. On Dec 21,

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-21 Thread Joel Esler (jesler) via clamav-users
On Dec 21, 2020, at 4:02 PM, eric-l...@truenet.com wrote: Joel, I pretty much disagree with this. 90% or greater of what is sent into http://clamav.net is covered in less than 24 hours, and to a much greater degree. We don’t aim to cover ju

Re: [clamav-users] How can we consume .ldb files in ClamAV Ubuntu?

2020-12-22 Thread Joel Esler (jesler) via clamav-users
Yes Sent from my  iPhone > On Dec 22, 2020, at 02:30, Luca Sironi via clamav-users > wrote: > >  > Hello, > are those signatures coming from FireEye github already included on the > regular update ? > > regards > Luca > > ___ > > clamav-users m

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-22 Thread Joel Esler (jesler) via clamav-users
Isn’t that literally the opposite of what needs to happen? On Dec 22, 2020, at 1:27 AM, Brent Clark via clamav-users <clamav-users@lists.clamav.net> wrote: Hiya Can you please submit to Sanesecurity too. https://sanesecurity.com/contact-us/ Regards Brent On 2020/12/21 18:44, eric-l..

Re: [clamav-users] freshclam can't download updates due to SSL issue

2020-12-23 Thread Joel Esler (jesler) via clamav-users
Nothing has changed on our end. Sent from my  iPhone > On Dec 23, 2020, at 13:57, Chris via clamav-users > wrote: > >  > Hello > > I'm using ClamAV version 0.103.0 and recently whenever I try to update ClamAV > with freshclam, for some reason it spits out this error: > > WARNING: Downloa

Re: [clamav-users] Remove from list

2020-12-30 Thread Joel Esler (jesler) via clamav-users
Please go to here: https://lists.clamav.net/mailman/listinfo/clamav-users At the bottom and follow the links to unsubscribe. Sent from my  iPad > On Dec 30, 2020, at 20:54, Jim and Jenn Guild via clamav-users > wrote: > >  Hi, > > Would you please remove me from the mailing list? > > Tha

Re: [clamav-users] [SUSPICIOUS] Re: Question about Urlhaus.Malware.452652-9766253-0

2020-12-30 Thread Joel Esler (jesler) via clamav-users
You should set it to ignore if you don’t want to use it. Sent from my  iPad > On Dec 30, 2020, at 20:16, Orion Poplawski wrote: > > So that is a apparently a malicious site as determined by Urlhaus and is on > their filter list. But how is it useful as a ClamAV signature? You are not > goin

Re: [clamav-users] ClamAv help

2020-12-31 Thread Joel Esler (jesler) via clamav-users
What would you like to do other than what you have done? Seems like you were able to cover the basics. Sent from my  iPhone > On Dec 31, 2020, at 15:47, Jay A. Schoon via clamav-users > wrote: > >  Hello: > > I have installed ClamAV on a Mac running Mojave 10.14.6. I have successfully

Re: [clamav-users] Problem with private mirror and cld, inc files

2021-01-26 Thread Joel Esler (jesler) via clamav-users
Why wouldn’t you just download less often? Instead of doing all of this? We publish updates once a day, there’s no need to download the entire package once a second. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort

Re: [clamav-users] Problem with private mirror and cld, inc files

2021-01-26 Thread Joel Esler (jesler) via clamav-users
s the only blocker to make this > work :/ > > On Tue, Jan 26, 2021 at 7:00 PM Joel Esler (jesler) <jes...@cisco.com> wrote: > Why wouldn’t you just download less often? Instead of doing all of this? We > publish updates once a day, there’s no need to download the

Re: [clamav-users] Problem with private mirror and cld, inc files

2021-01-27 Thread Joel Esler (jesler) via clamav-users
oad simultaneously. To further scale without issues it >> seemed quite easy (and it was easy in practice) to use a private mirror. The >> system conditions and the cld & inc files is the only blocker to make this >> work :/ >> >> On Tue, Jan 26, 2021 at 7:00 P

Re: [clamav-users] freshclam logs "DNS record is older than 3 hours."

2021-01-29 Thread Joel Esler (jesler) via clamav-users
> On Jan 29, 2021, at 7:50 AM, Gary R. Schmidt wrote: > > On 29/01/2021 21:57, G.W. Haywood via clamav-users wrote: >> Hi there, >> On Fri, 29 Jan 2021, Gary R. Schmidt wrote: >>> I've just noticed that freshclam has logged "DNS record is older than 3 >>> hours." twice in the last few days. >>

[clamav-users] ClamAV® blog: ClamAV 0.103.1 patch release

2021-02-09 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2021/02/clamav-01031-patch-release.html > > > ClamAV 0.103.1 patch release > > ClamAV 0.103.1 is out now. Users can head over to clamav.net/downloads > to download

Re: [clamav-users] [SUSPECTED SPAM] When was 0.103.1 announced on *this* list?

2021-02-09 Thread Joel Esler (jesler) via clamav-users
I forgot to announce it. Sorry about that. — Sent from my  iPad > On Feb 9, 2021, at 10:14, Paul Kosinski via clamav-users > wrote: > > I save all the ClamAV mail, and couldn't find an announcement. > > ___ > > clamav-users mailing list > clam

Re: [clamav-users] [When was 0.103.1 announced on *this* list?

2021-02-09 Thread Joel Esler (jesler) via clamav-users
at my mail filtering isn't misbehaving (and that no > "blackhat" is subtly attacking ClamAV). > > > On Tue, 9 Feb 2021 18:37:26 + > "Joel Esler (jesler)" wrote: > >> I forgot to announce it. Sorry about that. >> >> — >>

[clamav-users] ClamAV® blog: ClamAV EOL versions prior to 0.100

2021-02-10 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2021/02/clamav-eol-versions-prior-to-0100.html > > > ClamAV EOL versions prior to 0.100 > > ClamAV community, we want to inform you that, effective March 1, ClamAV > 0.99.0 (and all minor v

Re: [clamav-users] Freshclam failing to get update

2021-02-11 Thread Joel Esler (jesler) via clamav-users
Everyone should upgrade to current. So many CVEs have been patched in the past couple of major versions. We’ve shut off older versions as it’s costing a fortune for us to keep feeding older versions of ClamAV, which download the daily.cvd in its entirety, once a second. (So many people do thi

Re: [clamav-users] Problem updating dats

2021-02-12 Thread Joel Esler (jesler) via clamav-users
Please send me the IP that you are attempting to connect from off list. > On Feb 12, 2021, at 11:58 AM, Justus Addiss via clamav-users > wrote: > > About three days ago our HP-UX server stopped being able to get DAT updates > via freshclam. A SPARC system is still getting them successfully, an

Re: [clamav-users] ClamAV not even mentioned in article "The 6 Best Antiviruses for Linux 2021"

2021-02-19 Thread Joel Esler (jesler) via clamav-users
This is what happens when you don’t pay people for SEO. Sent from my  iPhone > On Feb 19, 2021, at 12:10, Paul Kosinski via clamav-users > wrote: > > https://www.safetydetectives.com/best-antivirus/linux/ > > ___ > > clamav-users mailing list >

Re: [clamav-users] ClamAV not even mentioned in article "The 6 Best Antiviruses for Linux 2021"

2021-02-19 Thread Joel Esler (jesler) via clamav-users
These types of articles are written purely for seo. We get contacted constantly about this type of thing. Sent from my  iPhone > On Feb 19, 2021, at 17:26, Andrew C Aitchison via clamav-users > wrote: > >  >> On Fri, 19 Feb 2021, Paul Kosinski via clamav-users wrote: >> >> https://www.s

Re: [clamav-users] Virus Sigs not updating

2021-02-21 Thread Joel Esler (jesler) via clamav-users
Please keep your security software up to date. If you don’t like ClamWin, we have ClamAV for Windows right on the website. It doesn’t have the GUI that ClamWin does, (simply because we don’t have the development time to dedicate to it). Really would love it if someone from the community would

Re: [clamav-users] FreshClam can't download database

2021-02-24 Thread Joel Esler (jesler) via clamav-users
You’re not sending “server-name” in your test there: echo | openssl s_client -connect database.clamav.net:443 -servername database.clamav.net | openssl x509 -text -noout > On Feb 24, 2021, at 5:05 PM, Royce Souther via clamav-users > wrote: > > It looks like the SSL cert for database.clamav

[clamav-users] Rate Limiting Downloads

2021-03-03 Thread Joel Esler (jesler) via clamav-users
All — I’ve had to be more stringent on the rate limiting for the daily.cvd and main.cvd files. It seems that some people either have stuck cron jobs (or are doing it on purpose) and downloading the full file 200k-300k times a day. We release AV updates once a day, in an emergency slightly more

Re: [clamav-users] Rate Limiting Downloads

2021-03-04 Thread Joel Esler (jesler) via clamav-users
Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Mar 3, 2021, at 9:57 AM, Joel Esler (jesler) via clamav-users > wrote: > > Signed PGP part > All — > > I’ve had to be more stringent on the rate limiting

Re: [clamav-users] Virus def download results in 403 Forbidden

2021-03-05 Thread Joel Esler (jesler) via clamav-users
Are you using Freshclam to download the updates? > On Mar 5, 2021, at 12:58 PM, Ritch Parker wrote: > > Hello, > > Yesterday, for some reason, all my AWS VMs receive a 403 Forbidden response > from clamav when attempting to pull the latest cvd files. I’ve tried from > two different instances

Re: [clamav-users] Virus def download results in 403 Forbidden

2021-03-05 Thread Joel Esler (jesler) via clamav-users
d to be the best fit. > > >> On Mar 5, 2021, at 10:20 AM, Joel Esler (jesler) via clamav-users >> wrote: >> >> Are you using Freshclam to download the updates? >> >>> On Mar 5, 2021, at 12:58 PM, Ritch Parker wrote: >>> >>> Hello

Re: [clamav-users] Downloading CVD files manually..

2021-03-06 Thread Joel Esler (jesler) via clamav-users
Correct. Wget is restricted. I wrote that in my email. So if you upgrade your version of freshclam/ClamAV, you should be good. Please see our blog post made back in the beginning of February. Sent from my  iPhone > On Mar 6, 2021, at 16:10, Paul Smith via clamav-users > wrote: > > OK,

[clamav-users] Restriction of downloads

2021-03-06 Thread Joel Esler (jesler) via clamav-users
ClamAV community- I’m very sorry that it has come to where we are at with the current restrictions around downloading of virus definitions. If you are receiving a 403 or a 1020 error when attempting to download, please use Freshclam, and make sure that version of Freshclam is not an eol’ed ver

Re: [clamav-users] (no subject)

2021-03-06 Thread Joel Esler (jesler) via clamav-users
ClamWin is not a ClamAV product. They use our engine, but we don’t make it. ClamWin needs to update to a more current version of ClamAV, they are very far behind. — Sent from my  iPad > On Mar 6, 2021, at 21:54, Tech Support via clamav-users > wrote: > >  > Hi, > > > I’m using clamw

Re: [clamav-users] I can't update Clamav database for 5 days

2021-03-07 Thread Joel Esler (jesler) via clamav-users
Thank you all for understanding, and yes, I could have been more clear in the blog post. But the intention is that when EOL happens, those versions are now disabled. — Sent from my  iPad > On Mar 7, 2021, at 11:18, Paul Smith via clamav-users > wrote: > >  > On 07/03/2021 15:55, Arjen de

Re: [clamav-users] QNAP - Cannot update virus definition & cannot wget *.cvd (receive error 403 forbidden)

2021-03-07 Thread Joel Esler (jesler) via clamav-users
So, Qnap is up to date? But people using older versions need to update their Qnap software? Is that what you’re saying? It seems like the holdouts are ClamWin and Qnap. A lot of the issues that I have seen of versions lower than 0.100 are those two. — Sent from my iPad > On Mar 7, 2021,

Re: [clamav-users] QNAP - Cannot update virus definition & cannot wget *.cvd (receive error 403 forbidden)

2021-03-07 Thread Joel Esler (jesler) via clamav-users
:48 PM, Joel Esler (jesler) via clamav-users <clamav-users@lists.clamav.net> wrote: So, Qnap is up to date? But people using older versions need to update their Qnap software? Is that what you’re saying? It seems like the holdouts are ClamWin and Qnap. A lot of the issues that I

Re: [clamav-users] Script PHP to refresh private miror in sinergy with freshclam

2021-03-07 Thread Joel Esler (jesler) via clamav-users
Also this: “ SERIOUSLY ? MORE THAN 100 DAYS WITHOUT UPDATE ? IT WILL COST LESS MONEY ON BANDWITH AT CLAMAV IF YOU DOWNLOAD THE FULL NEW DATABASE";” Is incorrect. It costs less to download 100 cdiffs than it does to download the full daily. Sent from my  iPhone On Mar 7, 2021, at 18:07, Vinc

Re: [clamav-users] Restriction of downloads

2021-03-07 Thread Joel Esler (jesler) via clamav-users
ground right now, for anyone on the client side that has been paying attention to the downloads over the last couple days, you’ve seen it work then not work then work again. Please use Freshclam. Sent from my  iPhone On Mar 6, 2021, at 19:33, Joel Esler (jesler) wrote:  ClamAV community

Re: [clamav-users] Re: Not able to use curl to download the cvd files successfully

2021-03-08 Thread Joel Esler (jesler) via clamav-users
Please use either FreshClam or our new tool cvdupdate: https://github.com/micahsnyder/cvdupdate Just replace your CURL script with this. On Mar 8, 2021, at 9:19 AM, Lo Nelson via clamav-users <clamav-users@lists.clamav.net> wrote: Hi Matus, I use a Windows server with Cygwin installed

Re: [clamav-users] Script PHP to refresh private miror in sinergy with freshclam

2021-03-08 Thread Joel Esler (jesler) via clamav-users
Okay, users of this script should be good to go. I would suggest that you put this on GitHub, and we’ll link to it from the official FAQ. On Mar 7, 2021, at 6:06 PM, Vincent GUESNARD via clamav-users <clamav-users@lists.clamav.net> wrote: My last edit for today just to magnify cli retur

Re: [clamav-users] Not able to use curl to download the cvd files successfully

2021-03-08 Thread Joel Esler (jesler) via clamav-users
On Mar 8, 2021, at 9:36 AM, Todd Aiken <todd.ai...@ubishops.ca> wrote: > From: clamav-users > <clamav-users-boun...@lists.clamav.net> > on behalf of Lo Nelson via clamav-users > <clamav-users@lists.clamav.net> > Reply-To: ClamAV users ML > mailto:clamav-users@lists.clam

Re: [clamav-users] ASP : Forbidden 403 on download virus database

2021-03-08 Thread Joel Esler (jesler) via clamav-users
Vincent, I don’t show that IP in our logs. However, check out: https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org On Mar 8, 2021, at 5:12 AM,

Re: [clamav-users] Not able to use curl to download the cvd files successfully

2021-03-08 Thread Joel Esler (jesler) via clamav-users
On Mar 8, 2021, at 11:30 AM, Todd Aiken <todd.ai...@ubishops.ca> wrote: > From: clamav-users > <clamav-users-boun...@lists.clamav.net> > on behalf of "Joel Esler (jesler) via clamav-users" > <clamav-users@lists.clamav.net> >

Re: [clamav-users] Freshclam network unreachable

2021-03-08 Thread Joel Esler (jesler) via clamav-users
Hello Adam, Thank you for your email. As a result of events documented in places here: https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html and https://lists.clamav.net/pipermail/clamav-users/2021-March/010543.html We’ve been forced to take emergency measures to protect the Cla

Re: [clamav-users] Re: Re: ASP : Forbidden 403 on download virus database

2021-03-09 Thread Joel Esler (jesler) via clamav-users
resent ourselves well with the IP 217.109.233.245. Do you see our attempts ? Best regards. 2 rue du Maupas 87040 Limoges cedex 1 tel : 05 55 12 00 00 www.asp-public.fr<http://www.asp-public.fr> Let's be eco-responsible and print our emails only if necessary. >>> "Joel

Re: [clamav-users] Blocked by Cloudflare

2021-03-09 Thread Joel Esler (jesler) via clamav-users
Hello ClamAV, Thank you for your email. As a result of events documented in places here: https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html and https://lists.clamav.net/pipermail/clamav-users/2021-March/010543.html We’ve been forced to take emergency measures to protect the C

Re: [clamav-users] Freshclam network unreachable

2021-03-09 Thread Joel Esler (jesler) via clamav-users
Out of procedural curiosity, why would someone want to disable ipv6? > On Mar 8, 2021, at 6:40 PM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Mon, 8 Mar 2021, Adam Bashore via clamav-users wrote: > >> I'm able to telnet to port 80 at db.local.clamav.net without issue. but I >

Re: [clamav-users] Freshclam network unreachable

2021-03-09 Thread Joel Esler (jesler) via clamav-users
Thanks team, was just wondering. On Mar 9, 2021, at 11:52 AM, Gene Heskett via clamav-users <clamav-users@lists.clamav.net> wrote: On Tuesday 09 March 2021 09:37:59 Joel Esler (jesler) via clamav-users wrote: Out of procedural curiosity, why would someone want to disable ipv6?

Re: [clamav-users] Rate Limiting Downloads

2021-03-09 Thread Joel Esler (jesler) via clamav-users
mav-users > wrote: > > Hi there, > > On Thu, 4 Mar 2021, Joel Esler (jesler) via clamav-users wrote: > >> ... >> Downloading using other than FreshClam has now been limited. >> ... > > Should this not have gone to

Re: [clamav-users] Rate-limiting question

2021-03-09 Thread Joel Esler (jesler) via clamav-users
You shouldn’t be rate limited if Freshclam is operating correctly. Can you give me an IP to look up? Sent from my  iPhone On Mar 9, 2021, at 16:58, Jimmy Tigert via clamav-users wrote:  Greetings, We are experiencing the results of the current rate-limits due to some parties’ activities

Re: [clamav-users] Database update downloads blocked with 403 error

2021-03-10 Thread Joel Esler (jesler) via clamav-users
Hello Matt, Thank you for your email. As a result of events documented in places here: https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html and https://lists.clamav.net/pipermail/clamav-users/2021-March/010543.html We’ve been forced to take emergency measures to protect the Cla

Re: [clamav-users] Database update downloads blocked with 403 error

2021-03-10 Thread Joel Esler (jesler) via clamav-users
Preach. On Mar 10, 2021, at 11:48 AM, Paul Smith via clamav-users <clamav-users@lists.clamav.net> wrote: People think if they're downloading to a server and then their users' PCs download from that server, then they're saving bandwidth, but about 11,000 client computers getting a CDIFF

Re: [clamav-users] freshclam getfile failed - and clamav links Cloudfare 1020 error.

2021-03-10 Thread Joel Esler (jesler) via clamav-users
That browser is blocked because it’s old as heck, and we’re dealing with automated bots that are randomizing and using illegitimate browser User-Agents to try and bypass the controls. On Mar 10, 2021, at 2:01 PM, r.dodin via clamav-users <clamav-users@lists.clamav.net> wrote: Hi, My

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-10 Thread Joel Esler (jesler) via clamav-users
On Mar 10, 2021, at 12:31 PM, Paul Smith via clamav-users <clamav-users@lists.clamav.net> wrote: On 10/03/2021 17:00, Paul Kosinski via clamav-users wrote: I wonder how many "ordinary" users of ClamAV are giving up on using it after getting permanent 403s. I would imagine there are lots

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-10 Thread Joel Esler (jesler) via clamav-users
On Mar 10, 2021, at 1:42 PM, Arjen de Korte via clamav-users <clamav-users@lists.clamav.net> wrote: Quoting Paul Smith via clamav-users <clamav-users@lists.clamav.net>: Indeed. There does seem to be a view from some people here that anyone using ClamAV should be regularly updat

Re: [clamav-users] looks like I have a problem too

2021-03-10 Thread Joel Esler (jesler) via clamav-users
> On Mar 10, 2021, at 3:58 PM, Arjen de Korte via clamav-users > wrote: > > Quoting Paul Smith via clamav-users : > >> That's certainly how it seems to behave here. If the DNS record hasn't >> changed, then it just says "everything's fine" and does nothing else. So, if >> you ran Freshclam

Re: [clamav-users] looks like I have a problem too

2021-03-10 Thread Joel Esler (jesler) via clamav-users
On Mar 10, 2021, at 3:29 PM, Paul Kosinski via clamav-users <clamav-users@lists.clamav.net> wrote: I wrote a little script that runs off cron every hour or so. But it *only* invokes freshclam after querying ClamAV's DNS TXT record to see if any advertised versions of 'daily', 'bytecode'

Re: [clamav-users] Restriction of downloads

2021-03-11 Thread Joel Esler (jesler) via clamav-users
You’ll have to work with qnap. We can’t update qnap. Sent from my  iPhone On Mar 11, 2021, at 13:39, Harv Azad via clamav-users wrote:  I’m a simple QNAP 509 (x2) user and having read the emails I’m a bit confused on how to resolve the issue of definitions not updating automatically. Havin

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-11 Thread Joel Esler (jesler) via clamav-users
Hello, Thank you for your email. As a result of events documented in places here: https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html and https://lists.clamav.net/pipermail/clamav-users/2021-March/010543.html We’ve been forced to take emergency measures to protect the ClamAV e

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-11 Thread Joel Esler (jesler) via clamav-users
vailable? > > > >> On Wed, 10 Mar 2021 22:29:41 + >> "Joel Esler \(jesler\) via clamav-users" >> wrote: >> >> To give everyone a frame of reference. This is what a Cdiff release and >> download cycle should look like: >> >>

Re: [clamav-users] Restriction of downloads

2021-03-12 Thread Joel Esler (jesler) via clamav-users
son other than a recipient, and any later distribution or publication of the content of this message, in whole or in part, is prohibited without the prior written authorization of the sender" ____ From: "Joel Esler (jesler) via clamav-users"

Re: [clamav-users] Restriction of downloads

2021-03-13 Thread Joel Esler (jesler) via clamav-users
Please don’t. You have two solutions provided from us. Please use one of them. Sent from my iPhone On Mar 13, 2021, at 06:18, Eero Volotinen wrote: Just use that php based freshclam replacement? Eero On Sat 13. Mar 2021 at 13.53, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:

Re: [clamav-users] Restriction of downloads

2021-03-13 Thread Joel Esler (jesler) via clamav-users
Team— The qnap and synology issues are a result of the EOL of <0.100. Not as a result of the abusive downloaders. Two separate issues. Our EOL policy that has been in place is “current version with all minor patches and one back with all minor patches”. This has been our policy for about 8–10

Re: [clamav-users] Restriction of downloads

2021-03-13 Thread Joel Esler (jesler) via clamav-users
> On Mar 13, 2021, at 08:53, Matus UHLAR - fantomas wrote: > >>> On 13.03.21 12:47, Joel Esler (jesler) via clamav-users wrote: >>> The qnap and synology issues are a result of the EOL of <0.100. Not as a >>> result of the abusive downloaders. Two separate i

Re: [clamav-users] Restriction of downloads

2021-03-13 Thread Joel Esler (jesler) via clamav-users
Thank you for writing in. Go to this URL to change user options or unsubscribe: https://lists.clamav.net/mailman/listinfo/ClamAV-users or by sending an email to clamav-users-le...@lists.users.net Thanks! Sent from my  iPhone On Mar 13, 2021, at 16:02, Rémy via clamav-users wrote:  As a re

Re: [clamav-users] Restriction of downloads

2021-03-14 Thread Joel Esler (jesler) via clamav-users
:53, Matus UHLAR - fantomas >>>> wrote: >>> >>>>> On 13.03.21 12:47, Joel Esler (jesler) via clamav-users wrote: >>>>> The qnap and synology issues are a result of the EOL of <0.100. Not as a >>>>> result of the abusive downloade

Re: [clamav-users] Exchange attacks...

2021-03-15 Thread Joel Esler (jesler) via clamav-users
Hello Eric, You’re saying that you were caught up in the Exchange attacks, but ClamAV was able to catch an installed Webshell? -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org On Mar 13, 2021, at 8:12 PM, Eric T

Re: [clamav-users] Restriction of downloads

2021-03-15 Thread Joel Esler (jesler) via clamav-users
> On Mar 13, 2021, at 9:33 AM, Arjen de Korte via clamav-users > wrote: > > In order to discourage downloading the main.cld and daily.cld files, would it > be an option to only update them on the download servers when a new ClamAV > release is made? This might nudge people that choose to no

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-15 Thread Joel Esler (jesler) via clamav-users
there’s work on all sides right now. On Mar 11, 2021, at 7:20 AM, G.W. Haywood via clamav-users <clamav-users@lists.clamav.net> wrote: Hi there, On Thu, 11 Mar 2021, Paul Smith via clamav-users wrote: On 10/03/2021 22:29, Joel Esler (jesler) via clamav-users wrote: ... in the past 24

Re: [clamav-users] can't find daily signatures

2021-03-16 Thread Joel Esler (jesler) via clamav-users
The links on the webpage have been removed. Please read the other email on this thread for cvdupdate links or Freshclam. On Mar 16, 2021, at 1:57 PM, Volcy, Georges via clamav-users <clamav-users@lists.clamav.net> wrote: Unable to find signatures on clamav.net. The f

Re: [clamav-users] wget http://database.clamav.net/daily-26108.cdiff ERROR 403: Forbidden.

2021-03-16 Thread Joel Esler (jesler) via clamav-users
Hello, Thank you for your email. As a result of events documented in places here: https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html and https://lists.clamav.net/pipermail/clamav-users/2021-March/010543.html We’ve been forced to take emergency measures to protect the ClamAV e

Re: [clamav-users] Unable to update ClamAV virus database on QNAP

2021-03-17 Thread Joel Esler (jesler) via clamav-users
No, the problem with Qnap is they are running an old version of Snort that has been EOL’ed and refuse to update, so they are blaming it on us. On Mar 17, 2021, at 9:47 AM, Bas Heeringa via clamav-users <clamav-users@lists.clamav.net> wrote: L.s. Since begin March my NAS reported failure

Re: [clamav-users] Unable to update ClamAV virus database on QNAP

2021-03-17 Thread Joel Esler (jesler) via clamav-users
Err…. Old version of ClamAV, sorry. They are running something in the 0.99 range. On Mar 17, 2021, at 10:07 AM, Joel Esler <jes...@cisco.com> wrote: No, the problem with Qnap is they are running an old version of Snort that has been EOL’ed and refuse to update, so they are blaming it o

Re: [clamav-users] Offline Updating

2021-03-17 Thread Joel Esler (jesler) via clamav-users
Please use Freshclam or cvdupdate. On Mar 17, 2021, at 7:12 AM, presario2133--- via clamav-users <clamav-users@lists.clamav.net> wrote: Hello, Instead of using Freshclam, are those following urls still allowed to be used? http://database clamav.net/daily.cvd ht

Re: [clamav-users] Re :Re: Re :Re: Offline Updating

2021-03-18 Thread Joel Esler (jesler) via clamav-users
Everyone please check, this should be cleared up. > On Mar 18, 2021, at 9:47 AM, Rick Cooper wrote: > > They fixed it, works with all my browsers again > > > > -Original Message- > From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf > Of Matus UHLAR - fantomas

Re: [clamav-users] access denied to website

2021-03-18 Thread Joel Esler (jesler) via clamav-users
Please try again, it should be cleared up. On Mar 18, 2021, at 7:47 AM, John Pfuntner -X (jpfuntne - EASI LLC at Cisco) via clamav-users <clamav-users@lists.clamav.net> wrote: I’m getting an Access Denied nastygram going anywhere at https://www.clamav.net/. What’s going on? I wish I k

Re: [clamav-users] Clamav.net access denied

2021-03-18 Thread Joel Esler (jesler) via clamav-users
I’ll write you off list. On Mar 18, 2021, at 1:34 PM, Parker, Travis M. via clamav-users <clamav-users@lists.clamav.net> wrote: Hello, I am having issues getting to the clamav.net site to download clamav and access the documentation. Between yesterday and today I lo

Re: [clamav-users] Re :Re: Re :Re: Offline Updating

2021-03-18 Thread Joel Esler (jesler) via clamav-users
You’re going to have to give me an IP or a RayID to look up. On Mar 18, 2021, at 1:40 PM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: On 18.03.21 14:22, Joel Esler (jesler) via clamav-users wrote: Everyone please check, this should be cleared up. still a problem with sea

Re: [clamav-users] Offline Updating

2021-03-18 Thread Joel Esler (jesler) via clamav-users
er > > On 18/03/2021 19:11, Matus UHLAR - fantomas wrote: >> On 18.03.21 17:42, Joel Esler (jesler) via clamav-users wrote: >>> You’re going to have to give me an IP or a RayID to look up. >> >> Cloudflare Ray ID: 63206b9ccdf238b7 >> >> >>>

Re: [clamav-users] 403 Access Denied

2021-03-18 Thread Joel Esler (jesler) via clamav-users
Hello, Thank you for your email. As a result of events documented in places here: https://lists.clamav.net/pipermail/clamav-users/2021-March/010544.html and https://lists.clamav.net/pipermail/clamav-users/2021-March/010578.html We’ve been forced to take emergency measures to protect the ClamAV e

[clamav-users] ClamAV® blog: ClamAV, CVDs, CDIFFs and the magic behind the curtain

2021-03-19 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2021/03/clamav-cvds-cdiffs-and-magic-behind.html ClamAV, CVDs, CDIFFs and the magic behind the curtain The amount of malicious files that ClamAV can detect has increased immensely over the past few years, but with this increase in efficacy comes some challenges with sc

Re: [clamav-users] Linode Clam AV Updates

2021-03-19 Thread Joel Esler (jesler) via clamav-users
Linode is our second biggest abuser. Slow your updater down. Sent from my iPhone > On Mar 19, 2021, at 19:40, Grant Taylor via clamav-users > wrote: > > On 3/19/21 4:57 PM, Bill Speidel wrote: >> hi, > > Hi, > >> Clam AV has put its database behind Cloudflare... as a result the

Re: [clamav-users] Linode Clam AV Updates

2021-03-19 Thread Joel Esler (jesler) via clamav-users
Please check out cvdupdate or Freshclam for your updates. Once or twice a day to check is fine. Sent from my iPhone > On Mar 19, 2021, at 23:16, Bill Speidel wrote: > > hi, > > thanks for the response... i'm new to the clam users list... i did see > that the freshclam routine was p

Re: [clamav-users] Linode Clam AV Updates

2021-03-20 Thread Joel Esler (jesler) via clamav-users
They aren’t blocked. They fall into the same rate limit that the rest of the planet does. Sent from my iPhone > On Mar 20, 2021, at 00:37, Gary R. Schmidt wrote: > > On 20/03/2021 14:12, Bill Speidel wrote: > [SNIP] >> on the other hand if all of Linode is blocked then there's not much

Re: [clamav-users] Linode Clam AV Updates

2021-03-20 Thread Joel Esler (jesler) via clamav-users
We haven’t published an updated safebrowsing file in about 3 or 4 years. https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html Sent from my iPhone On Mar 20, 2021, at 00:21, Grant Taylor via clamav-us

Re: [clamav-users] Linode Clam AV Updates

2021-03-20 Thread Joel Esler (jesler) via clamav-users
, at 09:22, Joel Esler (jesler) wrote: We haven’t published an updated safebrowsing file in about 3 or 4 years. https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html Sent from my iPhone On
